swaf/test/_authentication_common.ts

import {popEmail} from "./_mail_server";
import supertest from "supertest";
import {AppSupplier} from "./_app";
import TestApp from "../src/TestApp";
import Controller from "../src/Controller";
import CsrfProtectionComponent from "../src/components/CsrfProtectionComponent";
import AuthComponent from "../src/auth/AuthComponent";
import Migration, {MigrationType} from "../src/db/Migration";
import AddNameToUsersMigration from "../src/auth/migrations/AddNameToUsersMigration";
import AddApprovedFieldToUsersTableMigration from "../src/auth/migrations/AddApprovedFieldToUsersTableMigration";
import PasswordAuthProof from "../src/auth/password/PasswordAuthProof";
import MagicLink from "../src/auth/models/MagicLink";

export async function followMagicLinkFromMail(
    agent: supertest.SuperTest<supertest.Test>,
    cookies: string[],
    expectedRedirectUrl: string = '/',
): Promise<void> {
    const mail: Record<string, unknown> | null = await popEmail();
    expect(mail).not.toBeNull();

    const query = (mail?.text as string).split('/magic/link?')[1].split('\n')[0];
    expect(query).toBeDefined();

    await agent.get('/magic/link?' + query)
        .expect(200);
    await agent.get('/magic/lobby')
        .set('Cookie', cookies)
        .expect(302)
        .expect('Location', expectedRedirectUrl);
}

export async function testLogout(
    agent: supertest.SuperTest<supertest.Test>,
    cookies: string[],
    csrf: string,
): Promise<void> {
    // Authenticated
    await agent.get('/is-auth').set('Cookie', cookies).expect(200);

    // Logout
    await agent.post('/auth/logout')
        .set('Cookie', cookies)
        .send({csrf: csrf})
        .expect(302);

    // Not authenticated
    await agent.get('/is-auth').set('Cookie', cookies).expect(401);
}

export function authAppProvider(withUsername: boolean = true, approvalMode: boolean = false): AppSupplier<TestApp> {
    return async (addr, port) => {
        return new class extends TestApp {
            protected async init(): Promise<void> {
                this.use(new class extends Controller {
                    public routes(): void {
                        this.get('/', (req, res) => {
                            res.render('home');
                        }, 'home');
                        this.get('/csrf', (req, res) => {
                            res.send(CsrfProtectionComponent.getCsrfToken(req.getSession()));
                        }, 'csrf');
                        this.get('/is-auth', async (req, res) => {
                            const proofs = await this.getApp().as(AuthComponent).getAuthGuard().getProofs(req);
                            if (proofs.length > 0) res.sendStatus(200);
                            else res.sendStatus(401);
                        }, 'is-auth');
                        this.get('/has-any-password-auth-proof', async (req, res) => {
                            const proof = await PasswordAuthProof.getProofForSession(req.getSession());
                            if (proof) res.sendStatus(200);
                            else res.sendStatus(404);
                        }, 'is-auth');
                        this.get('/has-any-magic-link', async (req, res) => {
                            const proofs = await MagicLink.select()
                                .where('session_id', req.getSession().id)
                                .get();
                            if (proofs.length > 0) res.sendStatus(200);
                            else res.sendStatus(404);
                        }, 'is-auth');
                    }
                }());

                await super.init();
            }

            protected getMigrations(): MigrationType<Migration>[] {
                let migrations = withUsername ?
                    super.getMigrations() :
                    super.getMigrations().filter(m => m !== AddNameToUsersMigration);

                migrations = approvalMode ?
                    [...migrations, AddApprovedFieldToUsersTableMigration] :
                    migrations;

                return migrations;
            }
        }(addr, port, true);
    };
}
Authentication tests: add no username component tests Closes #7 2020-11-16 12:08:39 +01:00			`import {popEmail} from "./_mail_server";`
			`import supertest from "supertest";`
Approval mode: revoke unapproved users auth proofs Also add tests for auth approval mode 2021-04-22 15:38:24 +02:00			`import {AppSupplier} from "./_app";`
			`import TestApp from "../src/TestApp";`
			`import Controller from "../src/Controller";`
			`import CsrfProtectionComponent from "../src/components/CsrfProtectionComponent";`
			`import AuthComponent from "../src/auth/AuthComponent";`
			`import Migration, {MigrationType} from "../src/db/Migration";`
			`import AddNameToUsersMigration from "../src/auth/migrations/AddNameToUsersMigration";`
			`import AddApprovedFieldToUsersTableMigration from "../src/auth/migrations/AddApprovedFieldToUsersTableMigration";`
			`import PasswordAuthProof from "../src/auth/password/PasswordAuthProof";`
			`import MagicLink from "../src/auth/models/MagicLink";`
Authentication tests: add no username component tests Closes #7 2020-11-16 12:08:39 +01:00
			`export async function followMagicLinkFromMail(`
			`agent: supertest.SuperTest<supertest.Test>,`
			`cookies: string[],`
Add account management (email addresses management, password management) Closes #8 Closes #9 2021-01-21 15:58:03 +01:00			`expectedRedirectUrl: string = '/',`
Authentication tests: add no username component tests Closes #7 2020-11-16 12:08:39 +01:00			`): Promise<void> {`
			`const mail: Record<string, unknown> \| null = await popEmail();`
			`expect(mail).not.toBeNull();`

			`const query = (mail?.text as string).split('/magic/link?')[1].split('\n')[0];`
			`expect(query).toBeDefined();`

			`await agent.get('/magic/link?' + query)`
			`.expect(200);`
			`await agent.get('/magic/lobby')`
			`.set('Cookie', cookies)`
			`.expect(302)`
Add account management (email addresses management, password management) Closes #8 Closes #9 2021-01-21 15:58:03 +01:00			`.expect('Location', expectedRedirectUrl);`
Authentication tests: add no username component tests Closes #7 2020-11-16 12:08:39 +01:00			`}`

			`export async function testLogout(`
			`agent: supertest.SuperTest<supertest.Test>,`
			`cookies: string[],`
			`csrf: string,`
			`): Promise<void> {`
			`// Authenticated`
			`await agent.get('/is-auth').set('Cookie', cookies).expect(200);`

			`// Logout`
			`await agent.post('/auth/logout')`
			`.set('Cookie', cookies)`
			`.send({csrf: csrf})`
			`.expect(302);`

			`// Not authenticated`
			`await agent.get('/is-auth').set('Cookie', cookies).expect(401);`
			`}`
Approval mode: revoke unapproved users auth proofs Also add tests for auth approval mode 2021-04-22 15:38:24 +02:00
			`export function authAppProvider(withUsername: boolean = true, approvalMode: boolean = false): AppSupplier<TestApp> {`
			`return async (addr, port) => {`
			`return new class extends TestApp {`
			`protected async init(): Promise<void> {`
			`this.use(new class extends Controller {`
			`public routes(): void {`
			`this.get('/', (req, res) => {`
			`res.render('home');`
			`}, 'home');`
			`this.get('/csrf', (req, res) => {`
			`res.send(CsrfProtectionComponent.getCsrfToken(req.getSession()));`
			`}, 'csrf');`
			`this.get('/is-auth', async (req, res) => {`
			`const proofs = await this.getApp().as(AuthComponent).getAuthGuard().getProofs(req);`
			`if (proofs.length > 0) res.sendStatus(200);`
			`else res.sendStatus(401);`
			`}, 'is-auth');`
			`this.get('/has-any-password-auth-proof', async (req, res) => {`
			`const proof = await PasswordAuthProof.getProofForSession(req.getSession());`
			`if (proof) res.sendStatus(200);`
			`else res.sendStatus(404);`
			`}, 'is-auth');`
			`this.get('/has-any-magic-link', async (req, res) => {`
			`const proofs = await MagicLink.select()`
			`.where('session_id', req.getSession().id)`
			`.get();`
			`if (proofs.length > 0) res.sendStatus(200);`
			`else res.sendStatus(404);`
			`}, 'is-auth');`
			`}`
			`}());`

			`await super.init();`
			`}`

			`protected getMigrations(): MigrationType<Migration>[] {`
			`let migrations = withUsername ?`
			`super.getMigrations() :`
			`super.getMigrations().filter(m => m !== AddNameToUsersMigration);`

			`migrations = approvalMode ?`
			`[...migrations, AddApprovedFieldToUsersTableMigration] :`
			`migrations;`

			`return migrations;`
			`}`
			`}(addr, port, true);`
			`};`
			`}`